Though Michael has since apologized and said the remarks were more thought experiment than serious consideration, many wondered about the possibility of Uber leveraging its data on user rides for nefarious purposes.

In today’s post, the company says it “has a strict policy prohibiting all employees at every level from accessing a rider or driver’s data,” and that all employees are informed of these rules.

The data might be available under ‘legitimate business purposes,’ which Uber describes as the following:

Supporting riders and drivers in order to solve problems brought to their attention by the Uber community.

Facilitating payment transactions for drivers.

Monitoring driver and rider accounts for fraudulent activity, including terminating fake accounts and following up on stolen credit card reports.

Reviewing specific rider or driver accounts in order to troubleshoot bugs.

Uber says a rider’s trip history is confidential, and that it protects that data from unauthorized users both within and outside of the company.

Still, it’s not the first time the company has been under criticism for some of its practices. As the company itself notes, Uber’s business is reliant on the trust it builds with its riders and drivers – it has some patchwork to do after this week.

For its part, Uber says it will be transparent about its privacy policies as the company continues to grow.